General
-
Target
cea8570dc1cf4b9fdbe95dbd54592ad6165846c37e9fe707d2261b93bf1d8b4c
-
Size
19.2MB
-
Sample
220528-z32bxahbhq
-
MD5
79a96bb852ef4835ef9b25478f4a2ec3
-
SHA1
086f4a6046d888564f40143b81e378a28dfc8168
-
SHA256
cea8570dc1cf4b9fdbe95dbd54592ad6165846c37e9fe707d2261b93bf1d8b4c
-
SHA512
48453bcf4ece8511ed37c5a7ec49df05fff6be9a8c9a8f56aa973f5a800c6fa2859cb0c2d827ef1355f1c06a6bc684d0fb1c0d32532b667a099b5aca6583d80b
Static task
static1
Malware Config
Targets
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Modifies Installed Components in the registry
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Drops startup file
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.